Supported Xen Project 4.4 series

Categories

Xen Project 4.4.0

Release Information

The Xen Project 4.4 release incorporates many new features and improvements to existing features.

Documentation

For Xen Project 4.4 documentation see

Contribution Acknowledgements

For a breakdown of contributions to Xen 4.4 check out the Xen Project 4.4 Acknowledgements.

Xen Project 4.4.1

We are pleased to announce the release of Xen 4.4.1. This is available immediately from its git repository http://xenbits.xen.org/gitweb/?p=xen.git;a=shortlog;h=refs/heads/stable-4.4 (tag RELEASE-4.4.1)

This release fixes the following critical vulnerabilities:

  • CVE-2014-2599 / XSA-89 HVMOP_set_mem_access is not preemptible
  • CVE-2014-3125 / XSA-91 Hardware timer context is not properly context switched on ARM
  • CVE-2014-3124 / XSA-92 HVMOP_set_mem_type allows invalid P2M entries to be created
  • CVE-2014-2915 / XSA-93 Hardware features unintentionally exposed to guests on ARM
  • CVE-2014-2986 / XSA-94 ARM hypervisor crash on guest interrupt controller access
  • CVE-2014-3714,CVE-2014-3715,CVE-2014-3716,CVE-2014-3717 / XSA-95 input handling vulnerabilities loading guest kernel on ARM
  • CVE-2014-3967,CVE-2014-3968 / XSA-96 Vulnerabilities in HVM MSI injection
  • CVE-2014-3969 / XSA-98 insufficient permissions checks accessing guest memory on ARM
  • CVE-2014-4021 / XSA-100 Hypervisor heap contents leaked to guests
  • CVE-2014-4022 / XSA-101 information leak via gnttab_setup_table on ARM
  • CVE-2014-5147 / XSA-102 Flaws in handling traps from 32-bit userspace on 64-bit ARM
  • CVE-2014-5148 / XSA-103 Flaw in handling unknown system register access from 64-bit userspace on ARM Additionally a workaround for CVE-2013-3495 / XSA-59 (Intel VT-d Interrupt Remapping engines can be evaded by native NMI interrupts) has been put in place. However, at this point we can't guarantee that all affected chipsets are being covered; Intel is working diligently on providing us with a complete list. Apart from those there are many further bug fixes and improvements.

We recommend all users of the 4.4 stable series to update to this first point release.

Xen Project 4.4.2

We are pleased to announce the release of Xen 4.4.2. This is available immediately from its git repository

http://xenbits.xen.org/gitweb/?p=xen.git;a=shortlog;h=refs/heads/stable-4.4 (tag RELEASE-4.4.2) or from this download page

This fixes the following critical vulnerabilities:

  • CVE-2014-5146, CVE-2014-5149 / XSA-97: Long latency virtual-mmu operations are not preemptible
  • CVE-2014-7154 / XSA-104: Race condition in HVMOP_track_dirty_vram
  • CVE-2014-7155 / XSA-105: Missing privilege level checks in x86 HLT, LGDT, LIDT, and LMSW emulation
  • CVE-2014-7156 / XSA-106: Missing privilege level checks in x86 emulation of software interrupts
  • CVE-2014-6268 / XSA-107: Mishandling of uninitialised FIFO-based event channel control blocks
  • CVE-2014-7188 / XSA-108: Improper MSR range used for x2APIC emulation
  • CVE-2014-8594 / XSA-109: Insufficient restrictions on certain MMU update hypercalls
  • CVE-2014-8595 / XSA-110: Missing privilege level checks in x86 emulation of far branches
  • CVE-2014-8866 / XSA-111: Excessive checking in compatibility mode hypercall argument translation
  • CVE-2014-8867 / XSA-112: Insufficient bounding of "REP MOVS" to MMIO emulated inside the hypervisor
  • CVE-2014-9030 / XSA-113: Guest effectable page reference leak in MMU_MACHPHYS_UPDATE handling
  • CVE-2014-9065, CVE-2014-9066 / XSA-114: p2m lock starvation
  • CVE-2015-0361 / XSA-116: xen crash due to use after free on hvm guest teardown
  • CVE-2015-1563 / XSA-118: arm: vgic: incorrect rate limiting of guest triggered logging
  • CVE-2015-2152 / XSA-119: HVM qemu unexpectedly enabling emulated VGA graphics backends
  • CVE-2015-2044 / XSA-121: Information leak via internal x86 system device emulation
  • CVE-2015-2045 / XSA-122: Information leak through version information hypercall
  • CVE-2015-2151 / XSA-123: Hypervisor memory corruption due to x86 emulator flaw

Additionally a bug in the fix for CVE-2014-3969 / CVE-2015-2290 / XSA-98 (which got assigned CVE-2015-2290) got addressed.

Sadly the workaround for CVE-2013-3495 / XSA-59 (Intel VT-d Interrupt Remapping engines can be evaded by native NMI interrupts) still can't be guaranteed to cover all affected chipsets; Intel continues to be working on providing us with a complete list.

Apart from those there are many further bug fixes and improvements.

We recommend all users of the 4.4 stable series to update to this first point release.